Blogger arrested in Ecuador after exposing weaknesses in State database

An Ecuadorian blogger was arrested after using President Rafael Correa's information to demonstrate the vulnerability of the government's system on Friday, Nov. 30, reported the newspaper El Universo. Paul Moreno was arrested in the city of Riobamba on the orders of the National Directory of Registration and Public Data (DINARDAP in Spanish), which accused him of hacking into the system.

A month ago, the blogger had warned about the lack of security in the Dato Seguro system that guards information about citizens registered with various State institutions, according to the website Ecuavisa. To prove his claim, Moreno created a user and password with the president's information, which allowed him to access all of the head of state's information, the website added.

Moreno published his denouncement of DINARDAP's system on his blog on Nov. 26, titled "www.DatoSeguro.gob.ec NO es seguro" (www.SecureData.gob.ec is NOT secure). In the post, the blogger explained each step he took to access the account and said "it was not done for criminal reasons or to release information that could be used for ill intent, nor to sell information, blackmail or any other illegal or immoral act."

After his arrest, the police seized his computer to investigate if he committed fraud or some other scheme with the president's information, according to the newspaper El Comercio. His familiy insists Moreno only wanted to expose the fact that the personal information of 14 million Ecuadorians was at risk in a system that cost the Andean country $10 million, added the newspaper.

The blogger announced his arrest over Twitter.

Note from the editor: This story was originally published by the Knight Center’s blog Journalism in the Americas, the predecessor of LatAm Journalism Review.